Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
agigliotti
Partner - Champion
Partner - Champion
‎2020-09-10 12:09 PM

double user license attribution in a multi cloud deployments (QCS & QSEoW)

Hi,
Currently I have a multi cloud deployment with 1 QSEoW and 1 QCS sharing the same SLK.
I have configured Okta Idp on both deployments as SSO.
Everything works fine except for the needed to assign double license for a single user because it has two different IdP subject values on "QMC->License->Assigned users" page:
"OKTA\username@company.com" for the one coming from QSEoW  (where OKTA is the user directory and username@company.com is the User ID)
an alphanumeric  string for ex. "00u303axcemsducvz4x6" for the one coming from QCS.
How can I manage this?
Can someone drive me to the right direction?
Many thanks in advance.
Best regards
Andrea

Labels (3)
Labels
1,150 Views
3 Replies
Leigh_Kennedy
Employee
Employee
‎2020-09-21 01:42 AM

This is configured in the 'Claims mapping' section of your identity provider in the administration console.  Be very careful making changes here as you can lock yourself out if you make a mistake.   

Regards.

1,109 Views
agigliotti
Partner - Champion
Partner - Champion
‎2020-10-23 04:25 AM
Author

In response to Leigh_Kennedy

Hi @Leigh_Kennedy ,

Is there a way to avoid lock myself out making some changes on IdP claims mapping settings ?
Please let me know.
Many thanks in advance for your collaboration.
Most important thing stay safe and take care.
Best regards
Andrea

1,056 Views
0 Likes
AlexOmetis
Partner Ambassador
Partner Ambassador
‎2020-10-27 07:44 AM

Just logged my journey of discovery and not quite fixing this issue with Azure AD... https://community.qlik.com/t5/Qlik-Sense-SaaS-Multi-Cloud/Avoiding-duplication-of-users-between-QSE-... 

 

@agigliotti In terms of making sure you don't get locked out...

  • In SaaS make sure you have the details of the original login that set up the tenant as you can login with the Qlik ID as this can be used as a recovery point. Also check the validation carefully - if it doesn't look right, don't accept it and revert your changes and revalidate.
  • In on-prem, make sure you have another virtual proxy configured you can use (e.g. NTLM) and make sure you mark your user as "Delete prohibited".
Qlik Partner Ambassador 2024
1,005 Views
0 Likes